We are committed to protecting your privacy and legal rights when dealing with your personal information. This Privacy Notice intends to provide clear and understandable details about the information we collect about you and how we use and protect it. It also provides information about your rights that relate to the data we process. Any information we obtain about you, must be stored and used in accordance with the General Data Protection Regulation (GDPR) and we acknowledge and agree to do this.
If you have any queries about this Privacy Notice, if you are not sure what something means, or if you wish to contact us about personal information we hold, please email us at:
What data do we collect about you?
We collect any data which could be considered as personal, sensitive or financial data, which includes (but is not limited to):
Your current full name full name
Your current address
Your contact telephone numbers
Your email addresses
Your date of birth
Your GP details
Next of kin or similar contact details
Details of any complaints or grievances raised that relate to the provision of our services
Financial details that relate to payments for our services (note we do not store card details)
Account details relating to your private medical insurance provider
Special Category personal information This is personal information specifically relating to your:
Health, both physical and mental
Special Category personal information relating to health can include (but is not limited to) clinical notes, examination findings, medical imaging data related to your care, diagnostic test results, correspondence and communications from other clinical professionals which relates to your current or past clinical care.
How do we use your data we collect?
The information that we collect and store relating to you is primarily used to enable us to provide our services to you. In addition, we may use the information for the following purposes:
To provide you with information requested from us, relating to our products or services. To provide information on other products or services which we feel may be of interest to you, where you have consented to receive such information.
To meet our contractual commitments to you.
If you are an existing customer, we may contact you with information about goods and services similar to those which were the subject of a previous sale to you.
Further, we may use your data so that you can be provided with information about unrelated goods and services which we consider may be of interest to you. We may contact you about these goods and services by any of the methods that you consented at the time your information was collected.
The Health and Social Care Act 2008 (Regulated Activities) Regulations 2014
PART 3, Section 2, Regulation 17 (c)
(c) maintain securely an accurate, complete and contemporaneous record in respect of each service user, including a record of the care and treatment provided to the service user and of decisions taken in relation to the care and treatment provided;
Note, you as the patient are the “service user”.
We are also required by our Regulatory body, the Health & Care Professions Council (the HCPC) to take and process medical records, which are required to support safe and effective care. As our regulatory body is covered by UK law, this also demonstrates a legal requirement to record and maintain clinical records that relate to your clinical care.
Sharing your personal information
The Body Clinic will share your data with the following people –
1. Your Physiotherapist or your Podiatrist or your Pilates Instructor/teacher
2. An approved GDPR-complaint contractor
We sometimes need to share your information with other people or organisations for the purposes set out in this Privacy Notice. We will, where required, share the minimal amount of your personal data as appropriate with the other people or organisations we are communicating with:
Doctors, surgeons, clinicians and other health-care professionals, hospitals, clinics and other health-care providers;
Their administrative staff such as secretaries;
People or organisations that we are required by law or our regulatory body to share your personal information with;
The police or other law enforcement agencies, where we are either required by law or a court order;
A parent or legal guardian if you are a minor;
Any person that you have authorised us to share information with
How do we store the data we have collected?
We store your data in two ways –
a) Paper storage: We keep copies of your data and any documents in a file which is stored in our filing cabinets in the office. Our office procedures comply with the GDPR and are locked so that your file is not accessible except when a data processor is undertaking work related to your tenancy.
b) Electronic storage: All your personal data is stored on our in-office database, our vitruviant software system and the physiotherapists or Podiatrist or Pilates Instructors mobile phones, electronic devices and laptops. Access to the data is only via password-protected devices.
Both our storage mediums are designed to be fully compliant with the GDPR.
Other information we collect
Details of your visits (dates and times) stored in a written diary, online password protected diary and password protected mobile phone diary.
You have certain rights under the GDPR. The rights are as follows:
The right to access your information.
To object to the processing of your personal information.
To rectify, to erase, to restrict, to object and to port (make portable) your personal information.
The right to be forgotten (in certain circumstances)
The right to withdraw consent.
The right to lodge a complaint with the ICO (Information Commissioner’s Office)
Any clinical opinions will remain valid as they were the opinion at the time of being recorded. If it is later determined that a clinical opinion or diagnosis was then found to have changed, we will update your personal information to reflect this, but we will not change or remove the original clinical opinion.
Changes to the privacy notice. - The privacy notice may be changed by The Body Clinic to comply with a further legislation or to ensure compliance as more guidance becomes available.
Last updated: 13th Septemeber 2021